network security Flashcards

1
Q

\what are the security processes (AAA)

A

authentication
authorisation
accounting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

authentication def

A

(deploys robust MFA multi-factor authentication process to) verify that users are who they claim to be

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

authorisation

A

(deploy processes to) verify that users have permission to access/modidfy the resources they are attempting to access/modify

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

accounting

A
  • processes that track & rec activities & actions taking place on the network/its comp systems & detects suspicious activity (IDS)
  • these activity logs can facilitate investigation in the case of network/data breach & aid accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

authentication methods

A
  • password (‘smth uk’)
  • MFA, multi-factor authentication (‘smth u hv’, like security token, OTP one-time pw)
  • biometrics (‘smth u are’)
  • digital certificates
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

firewall (authorisation)

A
  • blocks unauthorised access to network
  • checks all inbound & outbound data packets against a set of rules
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

eg of how firewall works

A
  • to disallow HTTP traffic into/out of network, firewall can block all packets using TCP transport protool w destination port (HTTP port num, 80)
  • to prevent comp within the network frm communicating w eo, firewall can block all packets w private IP addresses as destination IP address
  • to prevent comp outside network frm sending packets on unauthorised ports, firewall can block all packets, w public IP addresses as source IP & w destination port >1023
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

IDS (intrusion detection system)

A

device/software app that monitors network/systems for malicious activity/policy violations

BUT (unlike firewall)
IDS X prevent possible intrusions, only signals an alarm upon detection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

IPS (intrusion protection system)

A

system that actively takes steps to prevent an intrusion/atk when it identifies one

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

why IPS > firewall

A
  • IPS hv greater capabilities than firewall: firewall can only filter packets based on info in packet headers BUT IPS can filter packets based on their payload (content) as well
  • a more capable IPS can even analyse pattern of data packets to determine if atk is occurring (esp impt for DDoS)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

asymmetric key encryption (cryptography) purpose

A

ensures only intended recipient of msg can read it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

digital signature

A

(context: how to ensure data transmitted is secure against cyber threats)

  • produced by sender of document to verify that contents are approved
  • verifies authenticity of digital msg & gives confidence that msg came frm stated sender & X altered in transit
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

transport/socket layer security (TSL/SSL)

A

(context: how to ensure data transmitted secure against cyber threats)

  • protocols that provide secure communication by using encryption to protect data transmitted
  • once secure connection established, any data transmitted btwn client & server is encrypted & can be decrypted by intended recipient
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

explain how digital signature works

A

(context: explain what sending and receiving devices can do to detect any malicious alteration of a message, 4m)

  • the sender hashes the message
  • and encrypts the message hash using the sender’s private key to produce the -digital signature
  • the digital signature is included with the original message
  • recipient decrypts the digital signature using the sender’s public key
  • recipient hashes the message using the same hash function
  • recipient verifies that the hash message from the decrypted digital signature and the message hash are the same

(‘visualisation’)
sender
message hash = hash(message)
digital signature = encrypt(message hash, sender’s private key)
digital signature + org message (sent)

recipient
decrypted digital signature = decrypt(digital signature, sender’s public key)
message hash = hash(message)
verify that decrypted digital signature == message hash (same)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly